Healthcare CIOs are beginning to shed one of the common excuses for not moving over to the cloud: The cloud is not secure.

CIOs have been wary of healthcare cloud security because the cloud is often hosted and managed by companies like Amazon and Google that either do not have expertise in the healthcare industry or are only just beginning to gain experience in healthcare.

A recent SearchHealthIT survey revealed 41% of your peers are planning EHR upgrades in 2017. That’s why we’ve compiled this 35-page e-guide, to review key features of EHR systems and explore how EHRs are adapting to consumerization, new care models, and other health IT trends.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

But that sentiment about healthcare cloud security is beginning to change. Three CIOs share their thoughts on healthcare cloud security:

Ed McCallister

Ed McCallister, CIO at the University of Pittsburgh Medical Center, Pittsburgh: I'm very comfortable with security in the cloud, as comfortable as I would be with an on-premises model. Again, a lot has been invested with [the] cloud. The cloud-enabled players such as Microsoft and … Dell, all the usual large players, Google, Amazon. So, from a security standpoint, I'm very comfortable with the cloud. I think that [cloud vendors] follow the same security standards that we would follow in our own data center.

Indranil Ganguly

Indranil Ganguly, CIO at JFK Health System, Edison, N.J.: [Cloud vendors are in responsible for] … keeping the infrastructure solid and performance levels where [they] need to be and security where it needs to be. We have a contract that says 'Hey, you've got to maintain stuff to this level.' So it takes the headache of that off of the shoulders of our staff. I don't have to have people now focused on that and it allows our team to focus more on the application itself and making sure the application is set up well for our users, not worrying so much about 'Hey, we're running out of storage' or 'There's issues with connectivity' somebody else has to go take over a lot of that responsibility.

Karen Clark

Karen Clark, CIO at OrthoTennessee, Knoxville, Tenn.: If you'd asked this question four or five years ago, CIOs would have said, 'Absolutely not in the cloud. I don't trust it. Forget it. I want everything on the premises,' but clearly that's not the way that the world is going … the cloud makes our network more secure because all those public connections are being made to [the cloud provider's] system, not to ours.

There are some applications that really lend themselves [to being hosted in the cloud]. Email is a perfect cloud application. I think there are some areas where cloud applications are clearly where everything's going. And it makes really good sense. And I think people are thinking, 'Where does it make sense strategically from a cost perspective, from a security perspective?'

If you'd asked this question four or five years ago, CIOs would have said, 'Absolutely not in the cloud. I don't trust it. Forget it. I want everything on the premises,' but clearly that's not the way that the world is going.
Karen ClarkCIO at OrthoTennessee

Security, depends on how you implement it … I think it's entirely on how you configure [your cloud platform] and set [it] up and manage [it] For example, I use two-factor authentication on my personal Gmail account. I feel it's relatively secure. Now, if you're using a public email service like Gmail, you have to understand the limitations that that has. I think it's a complicated topic. And I don't think you can just peanut butter over the cloud saying, 'It's safe or it's not safe.' I think it's all over the map, but that's where providers like us … are aggregating our responsibility if we just say, 'Well, we're hosting it in the cloud, so now it's safe.' I mean, that's abandoning our responsibility. It's up to us to work with vendors that have appropriate security protocols and validate and verify them, especially when we're dealing with the EHR because it matters.

1 comment

Register

Login

Forgot your password?

Your password has been sent to:

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy